CVE-2017-3731

CVE-2017-3731 describes an out-of-bounds read/crash in SSL/TLS when running on 32-bit hosts using certain ciphers. Public sources in the connected documents show multiple vendors referencing OpenSSL in affected configurations: on OpenSSL 1.1.0, CHACHA20/POLY1305 can trigger the crash; on OpenSSL ...

CVE-2017-3731

If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; user...

PT-2017-3944

Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.0.2 through 1.0.2k OpenSSL versions 1.1.0 through 1.1.0d MySQL Server versions 5.6.35 and earlier MySQL Server versions 5.7.18 and earlier Description The issue is related to an out-of-bounds read in the OpenSSL library when...

UBUNTU-CVE-2017-3731

If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; user...